According to Gartner predictions for 2023, lack of talent or human failure will be responsible for over half of significant cyber incidents by 2025! 

What does this mean for your business?  

Basically, if your staff aren’t properly trained in cyber security, your business is at a much higher risk of attack. 

We would recommend that if you don’t currently have a programme of cyber security training in place, that you get one. And if cyber security doesn’t appear on your boardroom agenda, then it should. 

The human firewall 

We’ve spoken about the human firewall before but it’s worth a reminder. With the Gartner stats above demonstrating the prominence of human error in cyber breaches, please do make sure you’re aware of the vital role both you and your teams take in securing your organisation against attack. 

What is the ‘human firewall’?  

Ensuring that the people who use your business IT kit are well-versed in cyber security is essential; too often cyberattacks focus on people in order to infiltrate a business. To form a human firewall staff need to be:  

  • Trained in cyber security, understand how to maintain it and recognise when an attack is taking place  
  • Enabled to report a potential breach as soon as it occurs  

Human firewalls take different forms depending upon the size of a business, but we’d recommend that your SME includes as many team members in this as possible!  


Cyber security training needs to be a regular feature for ALL personnel within a business. Just because a staff member is not a regular computer user doesn’t mean they won’t get targeted. Hackers will use ‘social engineering’ tactics to work out who does what within a business, where they fit into the hierarchy and what their vulnerabilities are.  

Regular and good quality training will ensure staff understand their role in the cyber security of the business and how they can help prevent an attack.   


Within training programmes personnel need to be made aware of the process for reporting a potential cyber breach. Staff need to feel empowered to speak up if they fear an attack is occurring. Nipping an attack in the bud could prevent significant damage to your business.   

Cyber resilience  

Any amount of cyber security will not necessarily prevent an attack. Making sure your business has a plan for dealing with an attack, should it occur, is vital and human action is at the heart of ensuring resilience.  

Never assume  

To conclude, don’t assume that your cyber security products are covering all bases. Your human firewall is essential. If you’re not convinced that you have one, and need advice, please ask Net Primates